Threat Database Ransomware Peet Ransomware

Peet Ransomware

The most active ransomware family in 2019 has undoubtedly been the STOP Ransomware family, with numerous variants of this file-locking Trojan popping up. One of the newest copies of the STOP Ransomware family that was spotted by malware researchers is called the Peet Ransomware.

Propagation and Encryption

The infection triggers utilized in the spreading of the Peet Ransomware have not yet been revealed. Some cybersecurity experts believe that among the propagation methods used in the Peet Ransomware campaign may be spam emails containing infected attachments, bogus application updates, and fake pirated copies of popular software tools. Upon infiltrating a system, the Peet Ransomware will start a scan whose aim is to locate all the files, which fit the ransomware threat's criteria. Like most threats of this type, the Peet Ransomware makes sure to target all popular file types. This ensures maximum damage and makes it more likely for the cyber crooks to get the cash they are after. When the scan is completed, and the targeted files are located, the Peet Ransomware will proceed by triggering its encryption process. When the Peet Ransomware encrypts a targeted file, it also will alter its name by adding a '.peet' extension to the file name. For example, an audio file, which the user had named 'bubble-wrap.mp3' originally, will be renamed to 'bubble-wrap.mp3.peet' when the encryption process is through.

The Ransom Note

After locking all the targeted data, the Peet Ransomware will drop its ransom note. The name of the note is '_readme.txt.' In the note, the attackers say that the ransom fee is $490 for all users who make contact with them within 72 hours of the attack taking place. However, victims who fail to meet the deadline will have to pay double the amount - $980. One file can be unlocked free of charge as this is a way of proving to the user that the attackers are capable of reversing the damage. There are two email addresses given as a mean of communication – ‘salesrestoresoftware@firemail.cc' and ‘salesrestoresoftware@gmail.com.'

It is best to stay away from cyber crooks like the ones behind the Peet Ransomware as there is no guarantee that they will send you the decryption key you need, even if you agree to pay the ransom fee. This is why you should look into obtaining a legitimate anti-spyware application and use it to remove the Peet Ransomware from your computer.

Related Posts

Trending

Most Viewed

Loading...